Get-Certificate : Template is not supported by this CA

I came across this error while trying to automate a computer certificate enrollment. I used the following command:

$Cert = Get-Certificate -Template "CUSTOM TEMPLATE NAME" -CertStoreLocation "cert:\CurrentUser\My"

This give me the following error:

Get-Certificate : CertEnroll::CX509Enrollment::InitializeFromTemplateName: Template is not supported by this CA. 0x80094800 (-2146875392 CERTSRV_E_UNSUPPORTED_CERT_TYPE)

I tried this command with the default webserver template and it went fine. But all custom templates failed. I’m not sure why that is but if I had to guess it’s probably because there is a space in the name. Here’s how you fix it:

Enroll once manually. Then open the enrolled certificate, go to the Details tab and click on Certificate Template Information. Copy the identifier behind the template name that’s in parenthesis (E.G. Template=CUSTOM TEMPLATE NAME(1.3.6.1.4.1.31224.25465768…..) and use that identifier number in your command instead of the name of the template:

So the command would be:

$Cert = Get-Certificate -Template 1.3.6.1.4.1.315.64..... -CertStoreLocation "cert:\CurrentUser\My"

Hope it’s useful for some of you out there.

Michaja van der Zouwen

Is an all-round IT engineer with special skills in Microsoft, Citrix, RES and VMware products. Loves a challenge in his work and has taught himself scripting. Initially batch scripts, and later PowerShell. This helps him to automate processes and procedures, and to develop his own management tools which can be used every day.

Core qualities
Team player, enthusiastic, eager to learn, sociable, positive

Hobbies
Football, playing music, watching movies and series

Job description
Senior Technical Specialist